Home

Sonatype makes it easy to build trusted software and keep it that way over time. Learn why your reliance on open source components may be putting your applications at risk - but it is an easily avoidable risk. Sonatype Component Lifecycle Management (CLM) helps developers leverage open source components while minimizing security, license and quality issues. Developers can go fast and use safer components from the start with intelligence built into the tools they use everyday. Sonatype CLM is a great way to augment your application security tools with component-based security. When coupled with DAST and SAST, CLM helps assure that 100% of your application is secure, including the 10% that is written and compiled and the 90% that is downloaded and assembled using open source components. Sonatype CLM can be used to meet OWASP, PCI and FS-ISAC recommendations for avoiding vulnerable components, to name a few.
Show less

In this series of training videos, you will learn everything there is to know about releasing your project to your Nexus repository manager. We start with a simple release to a standard hosted repository in Nexus. Then we adopt the usage of the Nexus Staging Suite and understanding what is happening during staging.

We see how notifications, staging rules, dedicated security setup and build promotion profiles allow you to create a powerful and fully automated release flow. You learn how you can use the same setup used for deploying to the Central Repository with OSSRH in your organization and finally how Sonatype CLM allows you take these features of Nexus Staging to a much more powerful validation including license issue detection, security vulnerability analysis, component selection compliance and more.

We are providing this series of free training modules as a thank you for being a part of our growing community at Sonatype. Join us for more resources at http://www.sonatype.org.